/*****************************************************************************
  Copyright ?2002-2004 by Martin Cook. All rights are reserved. If you like
  this code then feel free to go ahead and use it. The only thing I ask is 
  that you don't remove or alter my copyright notice. Your use of this 
  software is entirely at your own risk. I make no claims about the 
  reliability or fitness of this code for any particular purpose. If you 
  make changes or additions to this code then please clearly mark your code 
  as yours. If you have questions or comments then please contact me at: 
  martin@codegator.com
  
  Have Fun! :o)
*****************************************************************************/

using System;
using System.Data;
using System.Security.Principal;
using System.Threading;

using CG.Security.Configuration;
using CG.Security.Data;

namespace CG.Security
{

	/// <summary>
	/// Provides static methods that supply helper utilities for managing 
	/// system-level roles.
	/// </summary>
	public sealed class RoleManager
	{
		
		// ******************************************************************
		// Attributes.
		// ******************************************************************

		#region Attributes

		/// <summary>
		/// The data object used to interface with the database.
		/// </summary>
		private static IRoleData c_roleData;

		#endregion

		// ******************************************************************
		// Constructors.
		// ******************************************************************

		#region Constructors

		/// <summary>
		/// Class constructor.
		/// </summary>
		static RoleManager()
		{
			c_roleData = DataManager.RoleData;
		} // End RoleManager()

		#endregion

		// ******************************************************************
		// Public methods.
		// ******************************************************************

		#region Public methods

		/// <summary>
		/// Creates a new system-level role. Note that the calling user must
		/// be a member of the 'Admin' role in order to perform this action.
		/// </summary>
		/// <param name="roleName">The name of the role (must be unique).</param>
		/// <param name="roleDescription">The description of the role (optional).</param>
		/// <returns>The identifier for the role.</returns>
		public static int Create(
			string roleName,
			string roleDescription
			)
		{

			// Check the role of the user before we proceed.
			if (!Thread.CurrentPrincipal.IsInRole("Admin"))
				throw new SecurityException("User must be in the Admin role to perform this action!");

			// Create the role in the database.
			return c_roleData.Create(
				roleName,
				roleDescription
				);

		} // End Create()

		// ******************************************************************

		/// <summary>
		/// Deletes the specified system-level role. Note that the calling user must
		/// be a member of the 'Admin' role in order to perform this action.
		/// </summary>
		/// <param name="roleID">The identifier for the role.</param>
		public static void Delete(
			int roleID
			)
		{

			// Check the role of the user before we proceed.
			if (!Thread.CurrentPrincipal.IsInRole("Admin"))
				throw new SecurityException("User must be in the Admin role to perform this action!");

			// Delete the role in the database.
			c_roleData.Delete(
				roleID
				);

		} // End Delete()

		// ******************************************************************

		/// <summary>
		/// Updates the specified system-level role. Note that the calling user must
		/// be a member of the 'Admin' role in order to perform this action.
		/// </summary>
		/// <param name="roleID">The identifier for the role.</param>
		/// <param name="roleName">The new name of the role (must be unique).</param>
		/// <param name="roleDescription">The new description of the role (optional).</param>
		public static void Update(
			int roleID,
			string roleName,
			string roleDescription
			)
		{

			// Check the role of the user before we proceed.
			if (!Thread.CurrentPrincipal.IsInRole("Admin"))
				throw new SecurityException("User must be in the Admin role to perform this action!");

			// Update the role in the database.
			c_roleData.Update(
				roleID,
				roleName,
				roleDescription
				);

		} // End Update()

		// ******************************************************************

		/// <summary>
		/// Returns all the system-level roles in the database.
		/// </summary>
		/// <returns>A DataSet containing all the roles in the database.</returns>
		public static System.Data.DataSet FindAll()
		{

			// Get the list of roles from the database.
			DataSet ds = c_roleData.FindAll();

			// Ensure the dataset has a consistant name.
			ds.DataSetName = "RoleData";

			// Ensure the table has a consistant name.
			ds.Tables[0].TableName = "cg_security_role";

			return ds;

		} // End FindAll()

		// ******************************************************************

		/// <summary>
		/// Returns the properties for the specified system-level role.
		/// </summary>
		/// <param name="rightID">The identifier for the role.</param>
		/// <returns>A DataReader containing the properties for the specified role.</returns>
		public static System.Data.IDataReader FindByPK(
			int roleID
			)
		{

			// Find the role in the database.
			return c_roleData.FindByPK(
				roleID
				);

		} // End FindByPK()

		#endregion

	} // End clas RoleManager

} // End namespace CG.Security
